Electronic value exchange system, mobile terminal, and electronic value exchange method

ABSTRACT

An electronic value exchange system  100  comprises a mobile terminal  10  and a mobile terminal  20 . The mobile terminal  10  causes a driver  12  to transmit an exchange offer message of electronic value V 1 , V 2  to the mobile terminal  20 . The mobile terminal  20  stores handlers that the driver  12  can execute in relationship to a message in a common table  221 , and acquires a handler corresponding to the above-mentioned offer message, and notifies the exchange offer contents based on the handler to an application program  21 . If the application program  21  consents to the offer contents according to the operation of a user, the electronic value V 2  stored in an IC card  23  is transmitted to an IC card  13  via a driver  22  and the driver  12.

TECHNICAL FIELD

The present invention relates to a technique to exchange electronicvalue between different communication terminals.

BACKGROUND ART

Recently, the research on TRON (The Real-time Operating system Nucleus)is being developed as a means to realize an environment of ubiquitouscomputing. In particular, a mobile terminal that incorporates an IC(Integrated Circuit) card, such as an e-TRON card, does not require anapplication program when giving and receiving electronic value, such aselectronic money and electronic coupon, between terminals, and atechnique to perform transmission and reception of value directlybetween IC cards of both terminals has been proposed. As a system thathas applied such a technique to charging of electronic value to make upthe deficit, for example, an electronic value charging system havingboth high security and simplicity is disclosed in patent document 1.

-   Patent document 1: Japanese Patent Application Laid-Open No.    2003-337887

DISCLOSURE OF THE INVENTION

However, in the above-mentioned prior art, exchange of electronic valueis effected directly between IC cards having tamper-resistantproperties. Due to this, while high security can be secured, there is apossibility of a problem in that the operation of the IC card sidecannot be grasped at all times by the application program side. Forexample, the IC card is a black box, therefore, the user of a terminalgrasps the details processed through the application program, andhowever, it is not possible to present necessary information to the userunless the process state is notified to the application program.

Therefore, an object of the present invention is to avoid a trouble thatthe processing performed on the IC card side or disconnection ofcommunication between the IC cards cannot be recognized by theapplication program, when a terminal device having the applicationprogram outside the IC card effects exchange of electronic value betweenthe IC cards.

An electronic value exchange system according to the present inventionis an electronic value exchange system for effecting exchange ofelectronic value held in an IC card of each terminal between a senderside terminal and a receiver side terminal, wherein: the sender sideterminal comprises a transmission means for transmitting an exchangeoffer message offering exchange of the electronic value to the receiverside terminal; and the receiver side terminal comprises: a storage meansfor storing a handler indicating the contents of processing to beexecuted in relationship to a message; a notification means for, uponreceipt of the exchange offer message transmitted by the transmissionmeans, acquiring a handler corresponding to the exchange offer messagefrom the storage means to notify the offer contents based on the handlerto an application program; and an exchange means for effecting exchangeof electronic value by transmitting the electronic value to the senderside terminal when the consent for the offer contents notified by thenotification means is obtained from the application program.

A mobile terminal according to the present invention is a mobileterminal for effecting exchange of electronic value held in an IC cardof the own terminal with another mobile terminal, comprising: a storagemeans for storing a handler indicating the contents of processing to beexecuted in relationship to a message; a notification means for, uponreceipt of an exchange offer message offering exchange of the electronicvalue transmitted from said another mobile terminal, acquiring a handlercorresponding to the exchange offer message from the storage means tonotify the offer contents based on the handler to an applicationprogram; and an exchange means for effecting exchange of electronicvalue by transmitting the electronic value to said another mobileterminal when the consent for the offer contents notified by thenotification means is obtained from the application program.

An electronic value exchange method according to the present inventionis an electronic value exchange method comprising: a transmission stepin which a sender side terminal transmits an exchange offer message foroffering exchange of electronic value to a receiver side terminal; anotification step in which the receiver side terminal having a storagemeans for storing a handler indicating the contents of processing to beexecuted in relationship to a message, upon receipt of the exchangeoffer message transmitted in the transmission step, acquires a handlercorresponding to the exchange offer message from the storage means andnotifies the offer contents based on the handler to an applicationprogram; and an exchange step in which, when the consent for the offercontents notified in the notification step is obtained from theapplication program, exchange of electronic value is effected bytransmitting the electronic value to the sender side terminal.

According to the present invention, upon receipt of an offer to exchangeelectronic value held in the IC card of the own terminal with electronicvalue in the IC card of the sender side terminal (another mobileterminal) from the sender side terminal, the receiver side terminal (themobile terminal) notifies the offer to the application program of theown terminal. If the application program returns an affirmative reply tothe offer contents by the operation by the user of the receiver sideterminal etc., the receiver side terminal performs transmission ofelectronic value to the sender side terminal. At the same time,electronic value is transmitted also from the sender side terminal andexchange of electronic value is completed. As described above, thedirect exchange processing of electronic value between the IC cards isexecuted after the consent/refusal judgment by the application programstored in the receiver side terminal. Therefore, it is made possible forthe application program side to asynchronously recognize the processingexecuted between the IC cards.

In the electronic value exchange system according to the presentinvention, it is preferable for the notification means to, whendetecting that the exchange of the electronic value is completed,acquire a handler corresponding to an exchange completion message fromthe storage means and notify the completion of exchange to theapplication program and the sender side terminal in accordance with thehandler.

Further, in the mobile terminal according to the present invention, itis preferable for the notification means to, when detecting that theexchange of the electronic value is completed, acquire a handlercorresponding to an exchange completion message from the storage meansand notify the completion of exchange to the application program andsaid another mobile terminal in accordance with the handler.

According to the present invention, when exchange of electronic value iscompleted, this is notified to the application program of the receiverside terminal (the mobile terminal). In addition, by the direction fromthe notification means of the receiver side terminal, the applicationprogram of the sender side terminal (said another mobile terminal) isalso notified thereof. Therefore, even in the case where exchange ofelectronic value is not completed normally for some reason, such asdisconnection of communication, this can be recognized by both thesender terminal and the receiver terminal. Due to this, it is possibleto avoid in advance an unfair state in which, for example, theelectronic value recognized by the sender side to have been sent isactually not received by the receiver side, or despite that the IC cardof one of the sides has received electronic value, the other has not,etc.

According to the present invention, it is made possible to avoid atrouble due to the problem that the processing performed on the IC cardside or disconnection of communication between the IC cards cannot berecognized by the application program, when a terminal device having theapplication program outside the IC card effects exchange of electronicvalue between the IC cards.

BRIEF DESCRIPTION OF THE DRAWINGS

FIG. 1 is a diagram showing a configuration of an electronic valueexchange system.

FIG. 2 is a diagram showing an example of data storage in a common tableheld by a mobile terminal, wherein FIG. 2( a) is an example of datastorage in a common table held by a driver of a sender side terminal ofelectronic value and FIG. 2( b) is a diagram showing an example of datastorage in a common table held by a driver of a receiver side terminalof electronic value.

FIG. 3 is a first half portion of a flow chart for explaining theoperation of an electronic value exchange system.

FIG. 4 is a second half portion of the flow chart for explaining theoperation of the electronic exchange system.

DESCRIPTION OF THE REFERENCE SYMBOLS

-   -   10, 20 mobile terminal    -   11, 21 application program    -   12, 22 driver    -   121, 221 common table    -   13, 23 IC card    -   100 electronic value exchange system    -   V1, V2 electronic value

BEST MODES FOR CARRYING OUT THE INVENTION

Embodiments of the present invention will be explained below withreference to the drawings accompanied for illustration. First, aconfiguration of an electronic value exchange system 100 in the presentembodiment is explained. As shown in FIG. 1, the electronic valueexchange system 100 comprises a mobile terminal 10 (a sender sideterminal, corresponding to another mobile terminal) and a mobileterminal 20 (corresponding to a receiver side terminal). The mobileterminals 10, 20 are, for example, mobile phones or PDAs (PersonalDigital Assistance), however, provided that a terminal device has acommunication function, there is no limitation imposed by its functionand use. The mobile terminal 10 and the mobile terminal 20 areconfigured so as to be capable of transmission and reception ofelectronic value via a short-range radio communication channel using adriver possessed respectively.

Subsequently, each component of the mobile terminal 10 is explained. Themobile terminal 10 has an application program 11, a driver 12(corresponding to a transmission means), and an IC card 13. Each ofthese components is connected such that inputting/outputting of a signalis possible mutually via a bus.

When a user of the mobile terminal 10 directs exchange of electronicvalue, the application program 11 (hereinafter, referred to as “AP11”)notifies the direction to the driver 12. Further, the AP11 detectscompletion of exchange of electronic value by the input of a callbackfunction from the driver 12. At this time, if necessary, the completionof exchange is notified to the user of the mobile terminal 10.

The driver 12 has a common table 121 in which handlers are registered inrelationship to a message. The driver 12 refers to the common table 121for identifying a handler corresponding to the acquired message, andthen executes the above-mentioned handler using the callback functioncorresponding to the handler. For example, when acquiring an exchangecompletion message “COMMITTED” from the IC card 13, the driver 12executes a handler “notify to AP11” using the callback function“inform-ap (state)” corresponding thereto.

Here, an example of the internal configuration of the common table 121is shown in FIG. 2( a). The common table 121 has a message region 121 a,a handler region 121 b, and a function region 121 c. In the messageregion 121 a, data of coded messages, such as an exchange direction,exchange offer, and exchange completion of electronic value (forexample, “0X03”, “0X05”, . . . ), is stored. In the handler region 121b, the contents of processing to be executed by the occurrence of thecorresponding message (event) as a trigger are registered as handlers(for example, “notify to AP11”, “transmit to ICC23”, . . . ). Further,in the function region 121 c, the callback function and its parameters(for example, “inform-ap (state)”, . . . ) for executing thecorresponding handler as the need arises are registered in conjunctionwith the handler. The data in the common table 121 is registered byutilizing AP11 before the exchange processing of electronic valuestarted.

In the IC card 13, electronic value V1 to be exchanged is stored. It ispreferable for the IC card 13 to be configured by a tamper-resistantdevice from the standpoint of preservation of security such as,prevention of tampering and duplication of the electronic value V1. Theelectronic value V1 is representation (an embodiment) of some economicalvalue put into electronic data and relevant examples include electronicmoney representative of the value of money and electronic tickets (bookcoupon, ticket coupon, etc.) provided in a prepaid scheme.

When the exchange direction message is input from the driver 12, the ICcard 13 transmits the message as the exchange offer message to themobile terminal 20 via the driver 12. Further, when the exchangecompletion message is input from an IC card 23 via a driver 22 and thedriver 12, the IC card 13 outputs the exchange completion message to thedriver 12 of the mobile terminal 10.

The mobile terminal 20 also has the same configuration as that of themobile terminal 10. In other words, the mobile terminal 20 has anapplication program 21, the driver 22 (corresponding to the notificationmeans), and the IC card 23 (corresponding to the exchange means). Eachof these components is connected such that inputting/outputting of asignal is possible mutually via a bus.

The application program 21 (hereinafter, referred to as “AP21”) presentsthe offer contents of the message to the user of the mobile terminal 20in accordance with the callback function and the parameters input fromthe driver 22. The AP 21 stands by for the directive operation by theuser and replies “OK” when there is a direction of consent and “NG”,when not. When the callback function is input from the driver 22, the AP21 notifies, with this as a trigger, the completion of exchange ofelectronic value to the user of the mobile terminal 20 as the needarises.

The driver 22 has a common table 221 (corresponding to a storage means)where data which is common to the data in the common table 121 of themobile terminal 10 is registered. An example of the internalconfiguration of the common table 221 is shown in FIG. 2( b). Theconfiguration of the common table 221 is the same as that of the commontable 121 described above in detail, therefore, the symbols having thesame series (the end of the symbol string is the same) are attached tothe same data storage regions and the explanation is omitted. The driver22 performs management of the handler corresponding to the message andthe parameters with reference to the common table 221.

For example, upon receipt of an exchange offer message “OFFER (V1, V2)”transmitted from the mobile terminal 10, the driver 22 acquires thehandler corresponding to this from the common table 221 and notifies theoffer contents based on the handler to the AP21. When the consent forthe offer contents is obtained, the driver 22 outputs the exchange offermessage to the IC card 23 and directs to start exchange of electronicvalue. Further, when acquiring the exchange completion message“COMMITTED” from the IC card 23 on completion of the exchange ofelectronic value, the driver 22 executes the handler, “notify to theAP21” using the callback function “inform-ap (state)” corresponding tothis.

When the exchange offer message “OFFER (V1, V2)” is input from thedriver 22, the IC card 23, with this as a trigger, starts exchangeprocessing of electronic value with the IC card 13 as a communicationdestination. The exchange processing is performed directly between theIC cards, not via the AP11 or AP21. In other words, the IC card 23transmits the electronic value V2 stored therein to the IC card 13 viathe drivers 22, 12 and a radio channel. Similarly, the IC card 13transmits the electronic value V1 to the IC card 23 via the drivers 12,22 and the radio line. When both the IC cards receive the electronicvalue of the other party, the exchange is completed.

Next, with reference to FIG. 3 and FIG. 4, the operation of anelectronic value exchange system 100 in the present embodiment and eachstep constituting an electronic value exchange method according to thepresent invention are explained. As a premise of explanation, asituation is assumed in the present embodiment, in which exchangebetween the data V1 owned by the user A of the mobile terminal 10 andthe data V2 owned by the user B of the mobile terminal 20 is desired.Further, prior to the start of exchange, it is assumed that theabove-described common table 121 (refer to FIG. 2( a)) is registered inthe mobile terminal 10 and the common table 221 (refer to FIG. 2( b)),in the mobile terminal 20, respectively.

First, when directed from the user A of the mobile terminal 10 (S1 inFIG. 3), the AP11 directs the driver 12 to exchange electronic valueusing the API (Application Program Interface) (S2). As a function thatdirects to start exchange, for example, “exe-exchange (ICC13, ICC23, V1,V2)” is used.

The driver 12 having received exchange direction creates an exchangedirection message having “ICC23, V1, V2” as parameters by transformingthe above-mentioned API into a message (S3). The driver 12 transfers theexchange direction message to the IC card 13 described on thedestination header (S4).

Upon receipt of the exchange direction message, the IC card 13 transmitsthe exchange offer message having the data (V1, V2) to be exchanged asparameters toward the driver 22 of the IC card 23, the other party ofthe communication (S5). The exchange offer message is transmitted viathe driver 12 and can be represented by OFFER (V1, V2).

When detecting the reception of the message, the driver 22 on the mobileterminal 20 side collates the message with the message in the commontable 221 and acquires a handler corresponding to the message if thereis a match (S6). Since “0X03”, which is coded “OFFER”, is registered inthe message region 221 a in the common table 221, in S6, the handler“notify to AP21” corresponding thereto is acquired.

In S7, the driver 22 delivers the parameters of the message to the AP21as the offer contents, in accordance with the description of the handleracquired in S6. Specifically, the driver 22 extracts the parameters “V1,V2” from the callback function (for example, cfm-prop, which is one ofthe SPI functions) corresponding to the acquired handler and outputsthem to the AP21 with the above-mentioned callback function. The AP21having received the offer contents judges whether or not consent is tobe given to the offer contents, based on the direction by the user B ofthe mobile terminal 20 (S8). When the user B directs consent (S8; YES),the AP21 returns an affirmative reply “OK” to the driver 22 (S9). Thedriver 22 judges that the user B consents to the offer contents by thereply “OK” and outputs the exchange offer message (OFFER (V1, V2))received in S5 to the IC card 23 (S10).

With the inputting of the exchange offer message to the IC card 23 as atrigger, between the IC card 13 and the IC card 23, exchange of theelectronic value owned by the respective cards is started (S11). Thetransmission/reception processing of the electronic value in S11 isperformed via the driver (that is, directly) but completed not via theapplication program. Due to this, interception and tampering of theelectronic value are prevented and a high security level is maintained.

By the way, in S8, if the user B refuses (S8; NO), the AP21 returns anegative reply “NG” to the driver 22 (S12). The driver 22 havingreceived the negative replay notifies an error to the message to the ICcard 13 via the driver 12 (S13). Due to this, the IC card 13 detectsthat exchange of electronic value is refused.

In FIG. 4, when the exchange of electronic value is completed, that is,when the IC card 23 acquires the electronic value V1, the IC card 23transmits the exchange completion message (“COMMIT” on the transmissionside) to the IC card 13 via the drivers 22, 12 (S14). At the time oftransmission, the same processing as that in the above-mentioned S6, S7is also executed. In other words, when transmitting the exchangecompletion message, the driver 22 on the mobile terminal 20 sidecollates the message with the message in the common table 221 andacquires a handler corresponding to the message if there is a match(S15). Since “0X10”, which is coded “COMMIT”, is registered in themessage region 221 a in the common table 221, in S15, the handler“notify to AP21” corresponding thereto is acquired again.

In S16, the driver 22 delivers the parameters of the message to the AP21as the offer contents, in accordance with the description of the handleracquired in S15. Specifically, the driver 22 extracts the parameter“state” from the callback function (for example, inform-ap)corresponding to the acquired handler and outputs it to the AP21 withthe above-mentioned callback function. Due to this, the AP 21 recognizesthat the exchange of electronic value has been completed normally.

On the other hand, after receiving the exchange completion message(“COMMITTED” because of being on the reception side) transmitted in S14(S17), the IC card 13 outputs this to the AP11 via the driver 12. At thetime of notification of exchange completion also, the table 121 isreferred to (S18). The AP11 cannot receive the message from the IC card13 directly but the interposed driver 12 notifies the AP11 of theabove-mentioned message contents (a state of exchange completion) byexecuting the handler corresponding to the message registered in thetable 121. For the notification of the message, same to the processingin S16, the callback function having “state” as a parameter (forexample, inform-ap) is used (S19). With the processing in S17, the AP11recognizes that the exchange of electronic value has been completednormally.

The electronic value exchange system 100 explained above has thefollowing function and effect. First, the driver 22 on the receiver sideholds in advance the table 221 in which the contents of processing forthe event that occurs is registered and each time an event occurs,notifies the contents of processing requested to the AP21 by referringthereto. In the direct exchange of the electronic value between ICcards, while high security is ensured, it is difficult for the AP21 tograsp the details processed between the IC cards in a realtime manner,however, such a possible trouble is resolved by the above-mentionednotification. In other words, it is possible that the mobile terminalhas a function to cause the driver to monitor the message that reachesthe IC card on the receiver side. Since the monitoring result isnotified to the application program, it is possible for the applicationprogram to grasp the processing on the IC card side at all times.

Second, also when the exchange of electronic value is completed, thedriver 22 on the receiver side notifies the AP21 that the exchange iscompleted, by referring to the table 221. In the same manner, when theexchange of electronic value is completed, the driver 12 on the senderside notifies the AP11 that the exchange is completed, by referring tothe table 121. In other words, both of the application programs of themobile terminals 10, 20 that have effected exchange of electronic valuecan recognize that the exchange has been completed normally, therefore,it is made possible to judge that the exchange of electronic value hasnot been completed normally, when at least one of the above-mentionednotifications is not received.

By the way, factors that do not cause the exchange of electronic valueto complete normally include line disconnection due to the reduction incommunication resources and a direction to abort by the mobile terminal.When the processing of exchange of electronic value is aborted, it ispossible for the mobile terminal 10 or the mobile terminal 20 to connectto a communication controller installed outside the electronic valueexchange system 100. The communication controller is operated andmanaged by the TTP (Trusted Third Party) and determines whether to abortor continue the above-mentioned exchange processing.

Further, it is possible for the electronic value exchange system 100 to,asynchronously notify the application program of only the minimumrequired information depending on the judgment of the user whilemaintaining the confidentiality of the processing in the IC card. Due tothis, an increase in the processing load of the IC card can besuppressed.

INDUSTRIAL APPLICABILITY

The present invention has a use application in exchange between users ofelectronic money or electronic ticket stored in an IC card that can beattached to and detached from a mobile phone etc., and guarantees theconfidentiality and reliability.

The invention claimed is:
 1. An electronic value exchange system foreffecting exchange of electronic value held in an IC card of eachterminal between a sender side terminal and a receiver side terminal,wherein: the sender side terminal comprises: a first IC card configuredto hold a first electronic value; a transmitter configured to transmitan exchange offer message offering exchange of the first electronicvalue to the receiver side terminal; and the receiver side terminalcomprises: a second IC card configured to hold a second electronicvalue; a memory configured to store a handler indicating contents ofprocessing to be executed in relationship to a message; and a driverconfigured to, upon receipt of the exchange offer message transmitted bythe sender side terminal, acquire a handler corresponding to theexchange offer message from the memory to notify the offer contentsbased on the handler to an application program, and to effect exchangeof the second electronic value by transmitting the second electronicvalue to the sender side terminal when the consent for the offercontents notified to the application program is obtained from theapplication program.
 2. The electronic value exchange system accordingto claim 1, wherein the driver effects exchange of the electronic valueby transmitting the electronic value to the sender side terminal not viathe application program.
 3. A mobile terminal for effecting exchange ofelectronic value held in an IC card of the terminal with another mobileterminal, comprising: an IC card configured to hold a first electronicvalue; a memory configured to store a handler indicating contents ofprocessing to be executed in relationship to a message; and a driverconfigured to, upon receipt of an exchange offer message offeringexchange of a second electronic value transmitted from said anothermobile terminal, acquire a handler corresponding to the exchange offermessage from the memory to notify the offer contents based on thehandler to an application program, and to effect exchange of the firstelectronic value by transmitting the first electronic value to saidanother mobile terminal when the consent for the offer contents notifiedto the application program is obtained from the application program. 4.The mobile terminal according to claim 3, wherein when detecting thatthe exchange of the first electronic value is completed, the driveracquires a handler corresponding to an exchange completion message fromthe memory and notifies the completion of exchange to the applicationprogram and said another mobile terminal in accordance with the handler.5. The mobile terminal according to claim 3, wherein the IC card isconfigured by a tamper-resistant device.
 6. An electronic value exchangemethod comprising: a transmission step in which a sender side terminaltransmits an exchange offer message for offering exchange of a firstelectronic value stored in a first IC card of the sender side terminalto a receiver side terminal; a notification step in which the receiverside terminal having a memory configured to store a handler indicatingthe contents of processing to be executed in relationship to a message,upon receipt of the exchange offer message transmitted in thetransmission step, acquires a handler corresponding to the exchangeoffer message from the memory and notifies the offer contents based onthe handler to an application program; and an exchange step in which,when the consent for the offer contents notified in the notificationstep is obtained from the application program, exchange of a secondelectronic value stored in a second IC card of the receiver sideterminal is effected by transmitting the second electronic value to thesender side terminal.